Privacy notice

Information Note on Data Protection and Data Processing

Café Reklám Zrt. (registered seat: H-1037, Budapest Seregély utca 3-5., number of registration by the National Authority for Data Protection and Freedom of Information (NAIH): NAIH-131800/2017; hereinafter referred to as the Data Controller) processes the personal data of visitors registered in order to download the CANnual Report (hereinafter referred to as the User) for marketing purposes (sending newsletters, information notes, etc. electronically). Data Controller protects the personal data of registered Users in every reasonable way. By supplying their data, Users expressly consent to the storage, use and transfer of their personal data in the manner set out in this policy.

Café Reklám Zrt. reserves the right to involve data processors in data processing in which case it will be communicated to the Users by modifying this policy.

1. Data subjects:

Visitors registered for the purpose of downloading the CANnual Report

2. Scope of personal data processed:

By supplying their data, Users expressly consent to the gathering, storage and use of their below data - which may be provided at their own discretion - for the purposes provided in this policy:

name

email address

logging of visits at our website

Data processing is based on voluntary consent of the User.

3. Purpose and method of data processing:

The purpose of data processing by Café Reklám Zrt. is to contact private individuals and enterprises - registered at cannualreport.wecan.net website in order to download the CANnual Report - for marketing purposes (sending newsletters, information notes, etc. electronically).

Café Reklám Zrt. does not verify the personal data supplied by the users; Users shall be liable for the authenticity and compliance of such data. Users assume liability for ensuring that the email address given by them is only used by them for the purposes of availing of Café Reklám Zrt.’s services.

Café Reklám Zrt. makes sure that its subcontractor involved in the processing of data complies with the provisions of this policy and the data controller is liable for the compliance by the subcontractor.

4. Copyright protection

Registered users shall be entitled to read the CANnual Report, to make copies thereof by way of printing or downloading it to a disc for informational purposes, personal and non-commercial use only. Data included in the publication may be referenced, copied and distributed freely provided that the original source is indicated in such disclosure. No copies of any part of the publication CANnual Report may be sold or transferred in consideration for commercial profits, furthermore no parts of the publication may be changed or included in any other work, publication or website either electronically or traditionally.

5. General rules of data protection:

Data processing by Café Reklám Zrt. is always in compliance with the applicable legal provisions and the data protection rules set out in this policy. Café Reklám Zrt. may only use such data in the course of its activity and shall not disclose them to any other natural or private person (except its subcontractor involved in data processing) for any reason without the consent of the data subject.

The previous provision shall not apply to data disclosure required by law and the use of aggregated data for statistical purposes without the name or other personal identifiers of the User.

Should Data Controller intend to use the data supplied for purposes other than those set out in this data protection policy, it shall inform the User thereof accordingly by sending an email to the email address provided by the User and request the User’s express and prior consent, as well as, allow for the User to prohibit the different use of such data.

6. Term of data processing:

Having regard to the fact that data disclosure by User is voluntary and free of external influence, Data Controller processes the User’s data until when User prohibits the use of such data in writing, by sending an email to info@wecan.net email address or a postal mail to the following address: H- 1037 Budapest, Seregély u. 3-5. In case of such prohibition, Data Controller will delete the data concerned from the register immediately. For further information about data subjects’ rights see Point 9.

In case of any suspected criminal offence or the enforcement of civil liability, the Operator/Data Controller shall be entitled to retain the data supplied by the User until the final closing of the proceedings initiated and to use them as evidence.

7. Person responsible for internal data protection:

Café Reklám Zrt.

8. Amendment of the Data Processing Policy:

Café Reklám Zrt. reserves the right to amend this data protection and data processing policy unilaterally at any time and it shall publish such amendments in a consolidated version of the policy at www.wecan.net.

9. Rights of data subjects:

Upon the User’s request the Data Controller provides information concerning the related data, including those data which are processed by a data processor on its behalf, the sources from where the data were obtained, the purpose, grounds and duration of the data processing, the name and address of the data processor and on its activities relating to data processing, and – if the personal data of the data subject has been disclosed to third parties - the legal basis of the disclosure and the detailed list of the concerned third parties, as recipients. Information can be requested by email and by postal mail at the following addresses: info@wecan.net or H-1037 Budapest, Seregély u. 3-5., in both cases with proving identity and providing postal address. Data Controller shall answer the received inquiry within 25 days from receiving it.

The User may ask for the rectification of the concerned personal data (with indicating the correct data) by email or by postal mail at the following addresses: info@wecan.net or H-1037 Budapest, Seregély u. 3-5., in both cases with proving identity and postal address. Data Controller shall perform rectification immediately in its record and shall notify the data subject in writing of the performed rectification.

Besides the above, partial or entire deletion or blocking of the personal data provided by the User may be requested without reasoning for free of charge by email or by postal mail at the following addresses: info@wecan.net or H-1037 Budapest, Seregély u. 3-5., in both cases with proving identity and postal address. Data Controller immediately terminates data processing and deletes User from its record upon the receipt of the relevant request.

Instead of deletion the personal data must be blocked upon the request of the User, or if there is any reasonable grounds to assume that the deletion could affect the legitimate interests of the User.

Blocked data may be processed only for the purpose prevented the deletion.

If the Data Controller refuses to comply with the User’s request for rectification, blocking or deletion, the factual or legal reasons on which the decision for refusing the request for rectification, blocking or deletion is based must be communicated in writing within 25 days of receipt of the request.

Where rectification, blocking or deletion is refused, the Data Controller must inform the User of the possibilities for seeking judicial remedy or lodging a complaint with the Hungarian National Authority for Data Protection and Freedom of Information.

The User has the right to file an objection concerning the data processing of its own data:

if data processing or disclosure is carried out solely for the purpose of discharging the Data Controller’s legal obligation or for enforcing the rights and legitimate interests of the Data Controller, the recipient or a third party, unless processing is mandatory;

if personal data is used or disclosed for the purposes of direct marketing, public opinion polling or scientific research; and

in all other cases prescribed by law.

In the event of objection, the Data Controller investigates the cause of objection within the shortest time possible but no later than 15 days, adopts a decision as to merits and notifies the User in writing of its decision. If the User disagrees with the decision taken by the Data Controller, or if the Data Controller fails to meet the above deadline, the User has the right to turn to court within 30 days of the date of delivery of the decision or from the last day of the above deadline.

10. Governing law:

The governing law shall be the Hungarian Law, with special regard to the provisions of Act CXII of 2011 on the right of informational self-determination and on freedom of information.

11. Legal remedies:

Users shall be entitled to enforce their rights pursuant to the provisions of Act CXII of 2011 on the informational self-determination and the freedom of information, Act V of 2013 on the Civil Code of the Republic of Hungary, as well as, the related laws and regulations before the competent authorities: at the Hungarian National Authority for Data Protection and Freedom of Information [Nemzeti Adatvédelmi és Információszabadság Hatóság] (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.) or before courts. For further information, Users may contact the National Authority for Data Protection and Freedom of Information (www.naih.hu).